The alsa-lib package provides a library of functions for communication with kernel sound drivers.

A flaw in the alsa mixer code was discovered that caused stack execution protection to be disabled for the libasound.so library. The effect of this flaw is that stack execution protection, through NX or Exec-Shield, would be disabled for any application linked to libasound. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0087 to this issue

Users are advised to upgrade to this updated package, which contains a patched version of the library which correctly enables stack execution protection.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: